admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 14:08:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-12-20 12:05:33 -05:00
parent ba45befb93
commit 541e666892
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
19 changed files with 1253 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
2018/1000xxx/CVE-2018-1000867.json
View File

@ -1 +1,75 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt"},{"url": "http://bugs.webidsupport.com/view.php?id=647"},{"url": "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f"}]},"description": {"description_data": [{"lang": "eng","value": "WeBid version up to current version 1.2.2 contains a SQL Injection vulnerability in All five yourauctions*.php scripts that can result in Database Read via Blind SQL Injection. This attack appear to be exploitable via HTTP Request. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "up to current version 1.2.2"}]},"product_name": "WeBid"}]},"vendor_name": "WeBid"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.250853","DATE_REQUESTED": "2018-12-03T08:55:27","ID": "CVE-2018-1000867","ASSIGNER": "kurt@seifried.org","REQUESTER": "nils.stuenkel@t-systems.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "SQL Injection"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2018-12-19T20:52:45.250853",
"DATE_REQUESTED" : "2018-12-03T08:55:27",
"ID" : "CVE-2018-1000867",
"REQUESTER" : "nils.stuenkel@t-systems.com",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "WeBid",
"version" : {
"version_data" : [
{
"version_value" : "up to current version 1.2.2"
}
]
}
}
]
},
"vendor_name" : "WeBid"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WeBid version up to current version 1.2.2 contains a SQL Injection vulnerability in All five yourauctions*.php scripts that can result in Database Read via Blind SQL Injection. This attack appear to be exploitable via HTTP Request. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "SQL Injection"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://bugs.webidsupport.com/view.php?id=647",
"refsource" : "MISC",
"url" : "http://bugs.webidsupport.com/view.php?id=647"
},
{
"name" : "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f",
"refsource" : "MISC",
"url" : "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f"
},
{
"name" : "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt",
"refsource" : "MISC",
"url" : "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt"
}
]
}
}

76
2018/1000xxx/CVE-2018-1000868.json
View File

@ -1 +1,75 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt"},{"url": "http://bugs.webidsupport.com/view.php?id=648"},{"url": "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f"}]},"description": {"description_data": [{"lang": "eng","value": "WeBid version up to current version 1.2.2 contains a Cross Site Scripting (XSS) vulnerability in user_login.php, register.php that can result in Javascript execution in the user's browser, injection of malicious markup into the page. This attack appear to be exploitable via The victim user must click a malicous link. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "up to current version 1.2.2"}]},"product_name": "WeBid"}]},"vendor_name": "WeBid"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.251656","DATE_REQUESTED": "2018-12-03T08:58:33","ID": "CVE-2018-1000868","ASSIGNER": "kurt@seifried.org","REQUESTER": "nils.stuenkel@t-systems.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross Site Scripting (XSS)"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2018-12-19T20:52:45.251656",
"DATE_REQUESTED" : "2018-12-03T08:58:33",
"ID" : "CVE-2018-1000868",
"REQUESTER" : "nils.stuenkel@t-systems.com",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "WeBid",
"version" : {
"version_data" : [
{
"version_value" : "up to current version 1.2.2"
}
]
}
}
]
},
"vendor_name" : "WeBid"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WeBid version up to current version 1.2.2 contains a Cross Site Scripting (XSS) vulnerability in user_login.php, register.php that can result in Javascript execution in the user's browser, injection of malicious markup into the page. This attack appear to be exploitable via The victim user must click a malicous link. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross Site Scripting (XSS)"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://bugs.webidsupport.com/view.php?id=648",
"refsource" : "MISC",
"url" : "http://bugs.webidsupport.com/view.php?id=648"
},
{
"name" : "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f",
"refsource" : "MISC",
"url" : "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f"
},
{
"name" : "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt",
"refsource" : "MISC",
"url" : "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt"
}
]
}
}

71
2018/1000xxx/CVE-2018-1000869.json
View File

@ -1 +1,70 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/phpipam/phpipam/issues/2344"},{"url": "https://github.com/phpipam/phpipam/commit/856b10ca85a24c04ed8651f4e13f867ec78a353d"}]},"description": {"description_data": [{"lang": "eng","value": "phpIPAM version 1.3.2 contains a CWE-89 vulnerability in /app/admin/nat/item-add-submit.php that can result in SQL Injection.. This attack appear to be exploitable via Rough user, exploiting the vulnerability to access information he/she does not have access to.. This vulnerability appears to have been fixed in 1.4."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.3.2"}]},"product_name": "phpIPAM"}]},"vendor_name": "phpIPAM"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.252735","DATE_REQUESTED": "2018-12-05T07:39:06","ID": "CVE-2018-1000869","ASSIGNER": "kurt@seifried.org","REQUESTER": "oscar@arnflo.se"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-89"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2018-12-19T20:52:45.252735",
"DATE_REQUESTED" : "2018-12-05T07:39:06",
"ID" : "CVE-2018-1000869",
"REQUESTER" : "oscar@arnflo.se",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "phpIPAM",
"version" : {
"version_data" : [
{
"version_value" : "1.3.2"
}
]
}
}
]
},
"vendor_name" : "phpIPAM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "phpIPAM version 1.3.2 contains a CWE-89 vulnerability in /app/admin/nat/item-add-submit.php that can result in SQL Injection.. This attack appear to be exploitable via Rough user, exploiting the vulnerability to access information he/she does not have access to.. This vulnerability appears to have been fixed in 1.4."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-89"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/phpipam/phpipam/commit/856b10ca85a24c04ed8651f4e13f867ec78a353d",
"refsource" : "MISC",
"url" : "https://github.com/phpipam/phpipam/commit/856b10ca85a24c04ed8651f4e13f867ec78a353d"
},
{
"name" : "https://github.com/phpipam/phpipam/issues/2344",
"refsource" : "MISC",
"url" : "https://github.com/phpipam/phpipam/issues/2344"
}
]
}
}

71
2018/1000xxx/CVE-2018-1000870.json
View File

@ -1 +1,70 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/phpipam/phpipam/issues/2326"},{"url": "https://github.com/phpipam/phpipam/commit/552fbb0fc7ecb84bda4a131b4f290a3de9980040"}]},"description": {"description_data": [{"lang": "eng","value": "PHPipam version 1.3.2 and earlier contains a CWE-79 vulnerability in /app/admin/users/print-user.php that can result in Execute code in the victims browser. This attack appear to be exploitable via Attacker change theme parameter in user settings. Admin(Victim) views user in admin-panel and gets exploited.. This vulnerability appears to have been fixed in 1.4."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.3.2 and earlier"}]},"product_name": "PHPipam"}]},"vendor_name": "PHPipam"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.253944","DATE_REQUESTED": "2018-12-06T06:56:23","ID": "CVE-2018-1000870","ASSIGNER": "kurt@seifried.org","REQUESTER": "oscar@sakerhetskontoret.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-79"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2018-12-19T20:52:45.253944",
"DATE_REQUESTED" : "2018-12-06T06:56:23",
"ID" : "CVE-2018-1000870",
"REQUESTER" : "oscar@sakerhetskontoret.com",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "PHPipam",
"version" : {
"version_data" : [
{
"version_value" : "1.3.2 and earlier"
}
]
}
}
]
},
"vendor_name" : "PHPipam"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHPipam version 1.3.2 and earlier contains a CWE-79 vulnerability in /app/admin/users/print-user.php that can result in Execute code in the victims browser. This attack appear to be exploitable via Attacker change theme parameter in user settings. Admin(Victim) views user in admin-panel and gets exploited.. This vulnerability appears to have been fixed in 1.4."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-79"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/phpipam/phpipam/commit/552fbb0fc7ecb84bda4a131b4f290a3de9980040",
"refsource" : "MISC",
"url" : "https://github.com/phpipam/phpipam/commit/552fbb0fc7ecb84bda4a131b4f290a3de9980040"
},
{
"name" : "https://github.com/phpipam/phpipam/issues/2326",
"refsource" : "MISC",
"url" : "https://github.com/phpipam/phpipam/issues/2326"
}
]
}
}

66
2018/1000xxx/CVE-2018-1000871.json
View File

@ -1 +1,65 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://www.exploit-db.com/exploits/45976"}]},"description": {"description_data": [{"lang": "eng","value": "HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL Injection vulnerability in \"id_utente_mod\" parameter in gestione_utenti.php file that can result in An attacker can dump all the database records of backend webserver. This attack appear to be exploitable via the attack can be done by anyone via specially crafted sql query passed to the \"id_utente_mod=1\" parameter."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "2.3.0 and earlier"}]},"product_name": "HotelDruid 2.3.0"}]},"vendor_name": "HotelDruid"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.256066","DATE_REQUESTED": "2018-12-13T10:45:12","ID": "CVE-2018-1000871","ASSIGNER": "kurt@seifried.org","REQUESTER": "sainadhjamalpur@gmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "SQL Injection"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2018-12-19T20:52:45.256066",
"DATE_REQUESTED" : "2018-12-13T10:45:12",
"ID" : "CVE-2018-1000871",
"REQUESTER" : "sainadhjamalpur@gmail.com",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "HotelDruid 2.3.0",
"version" : {
"version_data" : [
{
"version_value" : "2.3.0 and earlier"
}
]
}
}
]
},
"vendor_name" : "HotelDruid"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL Injection vulnerability in \"id_utente_mod\" parameter in gestione_utenti.php file that can result in An attacker can dump all the database records of backend webserver. This attack appear to be exploitable via the attack can be done by anyone via specially crafted sql query passed to the \"id_utente_mod=1\" parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "SQL Injection"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "45976",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/45976"
}
]
}
}

66
2018/1000xxx/CVE-2018-1000872.json
View File

@ -1 +1,65 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/OpenKMIP/PyKMIP/issues/430"}]},"description": {"description_data": [{"lang": "eng","value": "OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients opening all of the available sockets. This attack appear to be exploitable via A client or clients open sockets with the server and then never close them. This vulnerability appears to have been fixed in 0.8.0."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "All versions before 0.8.0"}]},"product_name": "PyKMIP"}]},"vendor_name": "OpenKMIP"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.258149","DATE_REQUESTED": "2018-11-12T15:52:55","ID": "CVE-2018-1000872","ASSIGNER": "kurt@seifried.org","REQUESTER": "secure@veritas.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE 399: Resource Management Errors (similar issue to CVE-2015-5262)"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2018-12-19T20:52:45.258149",
"DATE_REQUESTED" : "2018-11-12T15:52:55",
"ID" : "CVE-2018-1000872",
"REQUESTER" : "secure@veritas.com",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "PyKMIP",
"version" : {
"version_data" : [
{
"version_value" : "All versions before 0.8.0"
}
]
}
}
]
},
"vendor_name" : "OpenKMIP"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients opening all of the available sockets. This attack appear to be exploitable via A client or clients open sockets with the server and then never close them. This vulnerability appears to have been fixed in 0.8.0."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE 399: Resource Management Errors (similar issue to CVE-2015-5262)"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/OpenKMIP/PyKMIP/issues/430",
"refsource" : "MISC",
"url" : "https://github.com/OpenKMIP/PyKMIP/issues/430"
}
]
}
}

71
2018/1000xxx/CVE-2018-1000873.json
View File

@ -1 +1,70 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/FasterXML/jackson-modules-java8/issues/90"},{"url": "https://github.com/FasterXML/jackson-modules-java8/pull/87"}]},"description": {"description_data": [{"lang": "eng","value": "Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Databind that can result in Causes a denial-of-service (DoS). This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the nanoseconds field of a time value. This vulnerability appears to have been fixed in 2.9.8."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "Before 2.9.8"}]},"product_name": "Jackson"}]},"vendor_name": "Fasterxml"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.260099","DATE_REQUESTED": "2018-12-17T16:15:43","ID": "CVE-2018-1000873","ASSIGNER": "kurt@seifried.org","REQUESTER": "secure@veritas.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-20: Improper Input Validation"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2018-12-19T20:52:45.260099",
"DATE_REQUESTED" : "2018-12-17T16:15:43",
"ID" : "CVE-2018-1000873",
"REQUESTER" : "secure@veritas.com",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Jackson",
"version" : {
"version_data" : [
{
"version_value" : "Before 2.9.8"
}
]
}
}
]
},
"vendor_name" : "Fasterxml"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Databind that can result in Causes a denial-of-service (DoS). This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the nanoseconds field of a time value. This vulnerability appears to have been fixed in 2.9.8."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-20: Improper Input Validation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/FasterXML/jackson-modules-java8/issues/90",
"refsource" : "MISC",
"url" : "https://github.com/FasterXML/jackson-modules-java8/issues/90"
},
{
"name" : "https://github.com/FasterXML/jackson-modules-java8/pull/87",
"refsource" : "MISC",
"url" : "https://github.com/FasterXML/jackson-modules-java8/pull/87"
}
]
}
}

66
2018/1000xxx/CVE-2018-1000874.json
View File

@ -1 +1,65 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/cebe/markdown/issues/166"}]},"description": {"description_data": [{"lang": "eng","value": "PHP Markdown version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in The parser allows a malicious crafted script to be executed that can result in Steal user data with a crafted script. This attack appear to be exploitable via User must open a crafted MD formatted file."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.2.0 and earlier"}]},"product_name": "Markdown"}]},"vendor_name": "PHP"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.261247","DATE_REQUESTED": "2018-12-05T15:20:20","ID": "CVE-2018-1000874","ASSIGNER": "kurt@seifried.org","REQUESTER": "stayysalty@protonmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross Site Scripting (XSS)"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2018-12-19T20:52:45.261247",
"DATE_REQUESTED" : "2018-12-05T15:20:20",
"ID" : "CVE-2018-1000874",
"REQUESTER" : "stayysalty@protonmail.com",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Markdown",
"version" : {
"version_data" : [
{
"version_value" : "1.2.0 and earlier"
}
]
}
}
]
},
"vendor_name" : "PHP"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP Markdown version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in The parser allows a malicious crafted script to be executed that can result in Steal user data with a crafted script. This attack appear to be exploitable via User must open a crafted MD formatted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross Site Scripting (XSS)"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/cebe/markdown/issues/166",
"refsource" : "MISC",
"url" : "https://github.com/cebe/markdown/issues/166"
}
]
}
}

66
2018/1000xxx/CVE-2018-1000875.json
View File

@ -1 +1,65 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/BOINC/boinc/issues/2907"}]},"description": {"description_data": [{"lang": "eng","value": "Berkeley Open Infrastructure for Network Computing BOINC Server and Website Code version 0.9-1.0.2 contains a CWE-302: Authentication Bypass by Assumed-Immutable Data vulnerability in Website Terms of Service Acceptance Page that can result in Access to any user account. This attack appear to be exploitable via Specially crafted URL. This vulnerability appears to have been fixed in 1.0.3."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "0.9-1.0.2"}]},"product_name": "BOINC Server and Website Code"}]},"vendor_name": "Berkeley Open Infrastructure for Network Computing"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.262092","DATE_REQUESTED": "2018-12-13T17:03:00","ID": "CVE-2018-1000875","ASSIGNER": "kurt@seifried.org","REQUESTER": "theaspens0@gmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-302: Authentication Bypass by Assumed-Immutable Data"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2018-12-19T20:52:45.262092",
"DATE_REQUESTED" : "2018-12-13T17:03:00",
"ID" : "CVE-2018-1000875",
"REQUESTER" : "theaspens0@gmail.com",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "BOINC Server and Website Code",
"version" : {
"version_data" : [
{
"version_value" : "0.9-1.0.2"
}
]
}
}
]
},
"vendor_name" : "Berkeley Open Infrastructure for Network Computing"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Berkeley Open Infrastructure for Network Computing BOINC Server and Website Code version 0.9-1.0.2 contains a CWE-302: Authentication Bypass by Assumed-Immutable Data vulnerability in Website Terms of Service Acceptance Page that can result in Access to any user account. This attack appear to be exploitable via Specially crafted URL. This vulnerability appears to have been fixed in 1.0.3."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-302: Authentication Bypass by Assumed-Immutable Data"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/BOINC/boinc/issues/2907",
"refsource" : "MISC",
"url" : "https://github.com/BOINC/boinc/issues/2907"
}
]
}
}

71
2018/1000xxx/CVE-2018-1000876.json
View File

@ -1 +1,70 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23994"},{"url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f"}]},"description": {"description_data": [{"lang": "eng","value": "binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "2.32 and earlier"}]},"product_name": "binutils"}]},"vendor_name": "binutils"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.262881","DATE_REQUESTED": "2018-12-17T03:18:24","ID": "CVE-2018-1000876","ASSIGNER": "kurt@seifried.org","REQUESTER": "yanshb@gmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Integer Overflow"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2018-12-19T20:52:45.262881",
"DATE_REQUESTED" : "2018-12-17T03:18:24",
"ID" : "CVE-2018-1000876",
"REQUESTER" : "yanshb@gmail.com",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "binutils",
"version" : {
"version_data" : [
{
"version_value" : "2.32 and earlier"
}
]
}
}
]
},
"vendor_name" : "binutils"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Integer Overflow"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=23994",
"refsource" : "MISC",
"url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=23994"
},
{
"name" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f",
"refsource" : "MISC",
"url" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f"
}
]
}
}

76
2018/1000xxx/CVE-2018-1000877.json
View File

@ -1 +1,75 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909"},{"url": "https://github.com/libarchive/libarchive/pull/1105"},{"url": "https://github.com/libarchive/libarchive/pull/1105/commits/021efa522ad729ff0f5806c4ce53e4a6cc1daa31"}]},"description": {"description_data": [{"lang": "eng","value": "libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted RAR archive."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards)"}]},"product_name": "libarchive"}]},"vendor_name": "libarchive"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.246062","DATE_REQUESTED": "2018-12-13T08:59:54","ID": "CVE-2018-1000877","ASSIGNER": "kurt@seifried.org","REQUESTER": "dja@axtens.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-415: Double Free"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2018-12-19T20:52:45.246062",
"DATE_REQUESTED" : "2018-12-13T08:59:54",
"ID" : "CVE-2018-1000877",
"REQUESTER" : "dja@axtens.net",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "libarchive",
"version" : {
"version_data" : [
{
"version_value" : "commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards)"
}
]
}
}
]
},
"vendor_name" : "libarchive"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted RAR archive."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-415: Double Free"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909",
"refsource" : "MISC",
"url" : "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909"
},
{
"name" : "https://github.com/libarchive/libarchive/pull/1105",
"refsource" : "MISC",
"url" : "https://github.com/libarchive/libarchive/pull/1105"
},
{
"name" : "https://github.com/libarchive/libarchive/pull/1105/commits/021efa522ad729ff0f5806c4ce53e4a6cc1daa31",
"refsource" : "MISC",
"url" : "https://github.com/libarchive/libarchive/pull/1105/commits/021efa522ad729ff0f5806c4ce53e4a6cc1daa31"
}
]
}
}

76
2018/1000xxx/CVE-2018-1000878.json
View File

@ -1 +1,75 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909"},{"url": "https://github.com/libarchive/libarchive/pull/1105"},{"url": "https://github.com/libarchive/libarchive/pull/1105/commits/bfcfe6f04ed20db2504db8a254d1f40a1d84eb28"}]},"description": {"description_data": [{"lang": "eng","value": "libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be exploitable via the victim must open a specially crafted RAR archive."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards)"}]},"product_name": "libarchive"}]},"vendor_name": "libarchive"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.247087","DATE_REQUESTED": "2018-12-13T09:07:08","ID": "CVE-2018-1000878","ASSIGNER": "kurt@seifried.org","REQUESTER": "dja@axtens.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-416: Use After Free"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2018-12-19T20:52:45.247087",
"DATE_REQUESTED" : "2018-12-13T09:07:08",
"ID" : "CVE-2018-1000878",
"REQUESTER" : "dja@axtens.net",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "libarchive",
"version" : {
"version_data" : [
{
"version_value" : "commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards)"
}
]
}
}
]
},
"vendor_name" : "libarchive"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be exploitable via the victim must open a specially crafted RAR archive."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-416: Use After Free"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909",
"refsource" : "MISC",
"url" : "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909"
},
{
"name" : "https://github.com/libarchive/libarchive/pull/1105",
"refsource" : "MISC",
"url" : "https://github.com/libarchive/libarchive/pull/1105"
},
{
"name" : "https://github.com/libarchive/libarchive/pull/1105/commits/bfcfe6f04ed20db2504db8a254d1f40a1d84eb28",
"refsource" : "MISC",
"url" : "https://github.com/libarchive/libarchive/pull/1105/commits/bfcfe6f04ed20db2504db8a254d1f40a1d84eb28"
}
]
}
}

76
2018/1000xxx/CVE-2018-1000879.json
View File

@ -1 +1,75 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909"},{"url": "https://github.com/libarchive/libarchive/pull/1105"},{"url": "https://github.com/libarchive/libarchive/pull/1105/commits/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175"}]},"description": {"description_data": [{"lang": "eng","value": "libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted archive file."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards)"}]},"product_name": "libarchive"}]},"vendor_name": "libarchive"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.247953","DATE_REQUESTED": "2018-12-13T09:14:30","ID": "CVE-2018-1000879","ASSIGNER": "kurt@seifried.org","REQUESTER": "dja@axtens.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-476: NULL Pointer Dereference"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2018-12-19T20:52:45.247953",
"DATE_REQUESTED" : "2018-12-13T09:14:30",
"ID" : "CVE-2018-1000879",
"REQUESTER" : "dja@axtens.net",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "libarchive",
"version" : {
"version_data" : [
{
"version_value" : "commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards)"
}
]
}
}
]
},
"vendor_name" : "libarchive"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted archive file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-476: NULL Pointer Dereference"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909",
"refsource" : "MISC",
"url" : "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909"
},
{
"name" : "https://github.com/libarchive/libarchive/pull/1105",
"refsource" : "MISC",
"url" : "https://github.com/libarchive/libarchive/pull/1105"
},
{
"name" : "https://github.com/libarchive/libarchive/pull/1105/commits/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175",
"refsource" : "MISC",
"url" : "https://github.com/libarchive/libarchive/pull/1105/commits/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175"
}
]
}
}

76
2018/1000xxx/CVE-2018-1000880.json
View File

@ -1 +1,75 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909"},{"url": "https://github.com/libarchive/libarchive/pull/1105"},{"url": "https://github.com/libarchive/libarchive/pull/1105/commits/9c84b7426660c09c18cc349f6d70b5f8168b5680"}]},"description": {"description_data": [{"lang": "eng","value": "libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can result in DoS - quasi-infinite run time and disk usage from tiny file. This attack appear to be exploitable via the victim must open a specially crafted WARC file."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards)"}]},"product_name": "libarchive"}]},"vendor_name": "libarchive"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.248774","DATE_REQUESTED": "2018-12-13T09:53:50","ID": "CVE-2018-1000880","ASSIGNER": "kurt@seifried.org","REQUESTER": "dja@axtens.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-20: Improper Input Validation"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2018-12-19T20:52:45.248774",
"DATE_REQUESTED" : "2018-12-13T09:53:50",
"ID" : "CVE-2018-1000880",
"REQUESTER" : "dja@axtens.net",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "libarchive",
"version" : {
"version_data" : [
{
"version_value" : "commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards)"
}
]
}
}
]
},
"vendor_name" : "libarchive"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can result in DoS - quasi-infinite run time and disk usage from tiny file. This attack appear to be exploitable via the victim must open a specially crafted WARC file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-20: Improper Input Validation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909",
"refsource" : "MISC",
"url" : "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909"
},
{
"name" : "https://github.com/libarchive/libarchive/pull/1105",
"refsource" : "MISC",
"url" : "https://github.com/libarchive/libarchive/pull/1105"
},
{
"name" : "https://github.com/libarchive/libarchive/pull/1105/commits/9c84b7426660c09c18cc349f6d70b5f8168b5680",
"refsource" : "MISC",
"url" : "https://github.com/libarchive/libarchive/pull/1105/commits/9c84b7426660c09c18cc349f6d70b5f8168b5680"
}
]
}
}

66
2018/1000xxx/CVE-2018-1000881.json
View File

@ -1 +1,65 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://appcheck-ng.com/advisory-remote-code-execution-traccar-server/"}]},"description": {"description_data": [{"lang": "eng","value": "Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability in ComputedAttributesHandler.java that can result in Remote Command Execution. This attack appear to be exploitable via Remote: web application request by a self-registered user. This vulnerability appears to have been fixed in 4.1 and later."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "4.0 and earlier"}]},"product_name": "Traccar Server"}]},"vendor_name": "Traccar"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.249463","DATE_REQUESTED": "2018-12-04T14:07:18","ID": "CVE-2018-1000881","ASSIGNER": "kurt@seifried.org","REQUESTER": "nickb@appcheck-ng.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-94: Improper Control of Generation of Code ('Code Injection')"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2018-12-19T20:52:45.249463",
"DATE_REQUESTED" : "2018-12-04T14:07:18",
"ID" : "CVE-2018-1000881",
"REQUESTER" : "nickb@appcheck-ng.com",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Traccar Server",
"version" : {
"version_data" : [
{
"version_value" : "4.0 and earlier"
}
]
}
}
]
},
"vendor_name" : "Traccar"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability in ComputedAttributesHandler.java that can result in Remote Command Execution. This attack appear to be exploitable via Remote: web application request by a self-registered user. This vulnerability appears to have been fixed in 4.1 and later."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-94: Improper Control of Generation of Code ('Code Injection')"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://appcheck-ng.com/advisory-remote-code-execution-traccar-server/",
"refsource" : "MISC",
"url" : "https://appcheck-ng.com/advisory-remote-code-execution-traccar-server/"
}
]
}
}

76
2018/1000xxx/CVE-2018-1000882.json
View File

@ -1 +1,75 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt"},{"url": "http://bugs.webidsupport.com/view.php?id=646"},{"url": "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f"}]},"description": {"description_data": [{"lang": "eng","value": "WeBid version up to current version 1.2.2 contains a Directory Traversal vulnerability in getthumb.php that can result in Arbitrary Image File Read. This attack appear to be exploitable via HTTP GET Request. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "up to current version 1.2.2"}]},"product_name": "WeBid"}]},"vendor_name": "WeBid"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.250141","DATE_REQUESTED": "2018-12-03T08:52:04","ID": "CVE-2018-1000882","ASSIGNER": "kurt@seifried.org","REQUESTER": "nils.stuenkel@t-systems.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Directory Traversal"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2018-12-19T20:52:45.250141",
"DATE_REQUESTED" : "2018-12-03T08:52:04",
"ID" : "CVE-2018-1000882",
"REQUESTER" : "nils.stuenkel@t-systems.com",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "WeBid",
"version" : {
"version_data" : [
{
"version_value" : "up to current version 1.2.2"
}
]
}
}
]
},
"vendor_name" : "WeBid"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WeBid version up to current version 1.2.2 contains a Directory Traversal vulnerability in getthumb.php that can result in Arbitrary Image File Read. This attack appear to be exploitable via HTTP GET Request. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Directory Traversal"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://bugs.webidsupport.com/view.php?id=646",
"refsource" : "MISC",
"url" : "http://bugs.webidsupport.com/view.php?id=646"
},
{
"name" : "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f",
"refsource" : "MISC",
"url" : "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f"
},
{
"name" : "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt",
"refsource" : "MISC",
"url" : "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt"
}
]
}
}

2
2018/13xxx/CVE-2018-13843.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c."
"value" : "** DISPUTED ** An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c. NOTE: the software maintainer's position is that the \"failure to free memory\" can be fixed in applications that use the HTSlib library (such as test/test_bgzf.c in the original report) and is not a library issue."
}
]
},

63
2018/19xxx/CVE-2018-19233.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19233",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,43 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20181121 SEC Consult SA-20181116-0 :: Multiple critical vulnerabilities in Miss Marple Enterprise Edition",
"refsource" : "BUGTRAQ",
"url" : "https://seclists.org/bugtraq/2018/Nov/37"
},
{
"name" : "20181121 SEC Consult SA-20181116-0 :: Multiple critical vulnerabilities in Miss Marple Enterprise Edition",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2018/Nov/55"
},
{
"name" : "http://packetstormsecurity.com/files/150427/Miss-Marple-Enterprise-Edition-File-Upload-Hardcoded-AES-Key.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/150427/Miss-Marple-Enterprise-Edition-File-Upload-Hardcoded-AES-Key.html"
},
{
"name" : "https://www.sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-miss-marple-enterprise-edition/",
"refsource" : "MISC",
"url" : "https://www.sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-miss-marple-enterprise-edition/"
}
]
}

63
2018/19xxx/CVE-2018-19234.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19234",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,43 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update validation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20181121 SEC Consult SA-20181116-0 :: Multiple critical vulnerabilities in Miss Marple Enterprise Edition",
"refsource" : "BUGTRAQ",
"url" : "https://seclists.org/bugtraq/2018/Nov/37"
},
{
"name" : "20181121 SEC Consult SA-20181116-0 :: Multiple critical vulnerabilities in Miss Marple Enterprise Edition",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2018/Nov/55"
},
{
"name" : "http://packetstormsecurity.com/files/150427/Miss-Marple-Enterprise-Edition-File-Upload-Hardcoded-AES-Key.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/150427/Miss-Marple-Enterprise-Edition-File-Upload-Hardcoded-AES-Key.html"
},
{
"name" : "https://www.sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-miss-marple-enterprise-edition/",
"refsource" : "MISC",
"url" : "https://www.sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-miss-marple-enterprise-edition/"
}
]
}